When Hackers Hack Hackers

Notable cases of internecine cyber squabbles.

1 of 9

Image Source: Adobe Stock

While most cybercriminals tend to set their sights on siphoning valuable data from poorly protected enterprises, there's no limit to the kinds of targets they'll seek out. There's no honor among thieves, so it shouldn't be a surprise that with the right kind of motivation, malicious hackers will happily attack other black hat and grey hat hackers.

Sometimes the attacks are purely mercenary: rivals know they can hit pay dirt very quickly if they find an easy way to tap into data stores of already vetted stolen identities or financial information. Similarly, certain kinds of cyber skirmishes are initiated to take competitors out. And then there are the attacks that are a little more personal: to show someone up, settle a score, or otherwise make a philosophical stand.

Regardless of the motives, these kind of squabbles offer up a satisfying dose of schadenfreude for cybersecurity pros beleaguered by the bad guys. It's nice to watch them fight amongst themselves every once in a while. So, pull up a chair, grab some popcorn and read on.

Ericka Chickowski specializes in coverage of information technology and business innovation. She has focused on information security for the better part of a decade and regularly writes about the security industry as a contributor to Dark Reading. View Full Bio

Hello sir, I am absolutely agree with your saying, it is the stuff that shows human tendency, the rivalry between hackers and a piece of show off can also lead to such happenings, where hackers hack hackers.

As expected, hacker warfare demonstrates only the human tendency for turf-building and defense. What should be great consolation to civilians already hit by hackers is realization even the worst criminal operators are vulnerable, at some point, to some degree. All it takes is a persistent probe, and the rest is literally to worm through the defense perimenter.

The security story of the decade is the massive array of national resources around the world now devoted to state actor exploits-- both leading them and defending against them. By no accident, the NSA just expanded facilities with an architectural antitheis to its inscrutably dark monolith of a building in DC. The new NSA complex, located in the Utah desert, and entirely reflective white, is a virtual black hole for the world's data.

This article is a fresh perspective, but its tedious slide show format should be outlawed. When we readers see the tell-tale slide navigation controls, we already have been negatively conditioned by other slide shows. The fact we read the story, anyway, means your actual reader interest might double with a normal, single "page" article. (Yes, of course, we promise to read and click each ad-- just set them aside for us in a corner.)

Appreciate the links-- that saves us rediscovery, and a lot of time. Besides, DR sometimes offers a unique, gem of a link to richer material-- which is actually likely, since there is simply too much of the stuff to read with the same depth of attention.

Encryption and access controls are considered to be the ultimate safeguards to ensure the security and confidentiality of data, which is why they're mandated in so many compliance and regulatory standards. While the cybersecurity market boasts a wide variety of encryption technologies, many data breaches reveal that sensitive and personal data has often been left unencrypted and, therefore, vulnerable.

An open redirect was discovered in Symfony 2.7.x before 2.7.50, 2.8.x before 2.8.49, 3.x before 3.4.20, 4.0.x before 4.0.15, 4.1.x before 4.1.9 and 4.2.x before 4.2.1. By using backslashes in the `_failure_path` input field of login forms, an attacker can work around the redirection target restricti...

A flaw was found in the Linux kernel in the NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_process() use wrong back-channel id and cause a use-after-free. Thus a malicious container user can cause a host kernel memory corruption and a system ...

An issue was discovered on D-Link DVA-5592 A1_WI_20180823 devices. If the PIN of the page &quot;/ui/cbpc/login&quot; is the default Parental Control PIN (0000), it is possible to bypass the login form by editing the path of the cookie &quot;sid&quot; generated by the page. The attacker will have acc...